Re: [PATCH 4.19 000/220] 4.19.86-stable review

[Greg Kroah-Hartman]

On Fri, Nov 22, 2019 at 09:05:34AM -0800, Matthew Wilcox wrote:
> On Fri, Nov 22, 2019 at 04:16:31PM +0100, Greg Kroah-Hartman wrote:
> > On Fri, Nov 22, 2019 at 06:47:05AM -0800, Guenter Roeck wrote:
> > > On 11/22/19 2:26 AM, Greg Kroah-Hartman wrote:
> > > > This is the start of the stable review cycle for the 4.19.86 release.
> > > > There are 220 patches in this series, all will be posted as a response
> > > > to this one.  If anyone has any issues with these being applied, please
> > > > let me know.
> > > > 
> > > > Responses should be made by Sun, 24 Nov 2019 09:59:19 +0000.
> > > > Anything received after that time might be too late.
> > > > 
> > > 
> > > I see the following warning (at least for arm64, ppc64, and x86_64).
> > > This seems to be caused by "idr: Fix idr_get_next race with idr_remove".
> > > v4.14.y is also affected. Mainline and v5.3.y are not affected.
> 
> That makes sense; the code in question is different after 4.19.
> Thanks for the report; it's very clear.
> 
> > Willy, this looks like something from your patch, is it to be expected?
> 
> It's harmless; the problem is that we can't check whether the dereference
> is safe.  The caller isn't holding the RCU lock, and the IDR code doesn't
> know what lock is being held to make this dereference safe.  Do you want
> a changelog for this oneliner which disables the checking?
> 
> diff --git a/lib/idr.c b/lib/idr.c
> index 49e7918603c7..6ff3b1c36e0a 100644
> --- a/lib/idr.c
> +++ b/lib/idr.c
> @@ -237,7 +237,7 @@ void *idr_get_next(struct idr *idr, int *nextid)
>  
>  	id = (id < base) ? 0 : id - base;
>  	radix_tree_for_each_slot(slot, &idr->idr_rt, &iter, id) {
> -		entry = radix_tree_deref_slot(slot);
> +		entry = rcu_dereference_raw(*slot);
>  		if (!entry)
>  			continue;
>  		if (!radix_tree_deref_retry(entry))

Thanks for this, I'll merge it with the existing patch tomorrow, it's
late here...

greg k-h